Remote code execution

The Microsoft WMV video codec in wmv9vcm.dll, wmvdmod.dll in Windows Media Format Runtime 9 and 9.5, and wmvdecod.dll in Windows Media Format Runtime 11 and Windows Media Player 11 and 12 allows remote attackers to execute arbitrary code via a crafted media file, aka "WMV Video Decoder Remote Cod...

Windows媒体解压多个远程代码执行漏洞（MS10-033）

BUGTRAQ ID: 40464,40432 CVE ID: CVE-2010-1879,CVE-2010-1880 Windows是微软发布的非常流行的操作系统。 Windows中的多个多媒体处理组件在处理媒体文件时没有正确地解析其中的压缩数据，如果用户打开了特制的媒体文件，就可能允许远程代码执行。如果用户以管理权限登录，则成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft DirectX 9.0 Microsoft Media Format Runtime 9.5 x64 Microsoft Media Format Runtime 9.5 Microsoft...

MS10-033: Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902)

The remote Windows host has multiple unspecified code execution vulnerabilities related to media decompression. A remote attacker could exploit this by tricking a user into opening a specially crafted media file, resulting in arbitrary code execution. C Tenable Network Security, Inc...

Microsoft Media Decompression Remote Code Execution Vulnerability (979902)

This host is missing a critical security update according to Microsoft Bulletin MS10-033. OpenVAS Vulnerability Test $Id: secpodms10-033.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft Media Decompression Remote Code Execution Vulnerability 979902 Authors: Veerendra GG Updated By: Madhuri D on...

CVE-2010-1879

Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."...

CVE-2010-1879

Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11; Media Encoder 9; and the Asycfilt.dll COM component allows remote attackers to execute arbitrary code via a media file with crafted compression data, aka "Media Decompression Vulnerability."...

Microsoft Windows媒体实时文件压缩远程内存破坏漏洞(MS09-051)

Bugraq ID: 36602 CVE ID：CVE-2009-2525 Windows Media Format Runtime是一款用于向使用Windows Media内容的应用程序提供信息和工具。 Microsoft Windows媒体实时处理压缩音频文件中的部分函数存在错误，如果用户打开特殊构建的文件，可导致任意代码执行。如果用户以管理员全新啊登录，攻击者成功个利用此漏洞可控制整个受此漏洞影响的系统。攻击者之后可以安装程序；查看，更改或删除数据，或以系统用户权限建立新帐户。 Microsoft Windows Media Audio Voice Decoder Microsof...

Buffer overflow vulnerability in Microsoft Windows

Overview Microsoft Windows contains a buffer overflow vulnerability. Windows Media Format Runtime included in Microsoft Windows contains a buffer overflow vulnerability when parsing specific files. The security update for this vulnerability is contained in the Microsoft Security Bulletin Summary...

JVN#62211338 Buffer overflow vulnerability in Microsoft Windows

Windows Media Format Runtime included in Microsoft Windows contains a buffer overflow vulnerability when parsing specific files. Impact If a user opens a specially crafted file, an attacker may execute arbitrary code. Solution Update the software Apply the update according to the information...

CVE-2009-2498

Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format ASF files, which allows remote attackers to execute arbitrary code via a crafted 1 .asf, 2 .wmv, or 3 .wma file, aka "Windows Media...

CVE-2009-2499

The CVE-2009-2499 issue affects Microsoft Windows components: Windows Media Format Runtime versions 9.0, 9.5, and 11, and Windows Media Foundation on Windows Vista (Gold, SP1, SP2) and Server 2008. The vulnerability arises when processing MP3 files with crafted metadata, triggering memory corrupt...

PT-2009-4906 · Microsoft · Windows Vista +3

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Media Format Runtime versions 9.0 through 11 Microsoft Media Foundation on Windows Vista and Server 2008 versions prior to SP2 Description: The issue allows remote attackers to execute arbitrary code via an MP3 file with...

Microsoft Windows媒体组件SPN实现远程代码执行漏洞（MS08-076）

BUGTRAQ ID: 32653 CVECAN ID: CVE-2008-3009 Windows媒体组件包括Windows Media Player、Windows Media Format Runtime和Windows Media Services等多种服务和应用。 Windows媒体组件在使用NTLM认证协议（具体来说，是SPN）的方式存在安全漏洞。在访问媒体之前，服务器会提示一些使用Windows媒体组件的媒体播放器（如Windows Media...

Microsoft Windows媒体组件ISATAP URL处理信息泄露漏洞（MS08-076）

BUGTRAQ ID: 32654 CVECAN ID: CVE-2008-3010 Windows媒体组件包括Windows Media Player、Windows Media Format Runtime和Windows Media Services等多种服务和应用。...

Design/Logic Flaw

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do not properly use the Service Principal Name SPN identifier when validating replies to authentication requests, which allows remote servers to execute arbitrary code via...

CVE-2008-3010

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through...

CVE-2008-3010

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through...

CVE-2008-3009

Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1, 9, and 2008 do not properly use the Service Principal Name SPN identifier when validating replies to authentication requests, which allows remote servers to execute arbitrary code via...

PT-2008-4441 · Microsoft · Windows Media Player +2

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Media Player version 6.4 Windows Media Format Runtime versions 7.1 through 11 Windows Media Services versions 4.1, 9, and 2008 Description: The issue arises from improper use of the Service Principal Name SPN identifier when...

Microsoft Security Bulletin MS08-076 – Important Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959807)

Microsoft Security Bulletin MS08-076 – Important Vulnerabilities in Windows Media Components Could Allow Remote Code Execution 959807 Published: December 9, 2008 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in the followin...